<?php
require_once 'config.php';
require_once 'db_manager.php';
session_start();

// 生成验证码图片
if (isset($_GET['captcha'])) {
    header('Content-Type: image/png');
    $code = strval(rand(1000, 9999));
    $_SESSION['captcha'] = $code;
    $im = imagecreatetruecolor(80, 32);
    $bg = imagecolorallocate($im, 255, 255, 255);
    $textcolor = imagecolorallocate($im, 60, 60, 60);
    imagefilledrectangle($im, 0, 0, 80, 32, $bg);
    imagestring($im, 5, 18, 8, $code, $textcolor);
    // 干扰线
    for ($i = 0; $i < 3; $i++) {
        $linecolor = imagecolorallocate($im, rand(100,200), rand(100,200), rand(100,200));
        imageline($im, rand(0,80), rand(0,32), rand(0,80), rand(0,32), $linecolor);
    }
    imagepng($im);
    imagedestroy($im);
    exit();
}

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    $username = $_POST['username'];
    $password = $_POST['password'];
    $captcha = $_POST['captcha'];
    
    if (!isset($_SESSION['captcha']) || $captcha !== $_SESSION['captcha']) {
        $error = "验证码错误";
    } else {
        // 获取远程用户信息
        $userData = file_get_contents(USER_AUTH_URL);
        $users = json_decode($userData, true)['users'];
        $authenticated = false;
        foreach ($users as $user) {
            if ($user['username'] === $username && $user['password'] === $password) {
                $authenticated = true;
                break;
            }
        }
        if ($authenticated) {
            $_SESSION['user_id'] = $username;
            $_SESSION['username'] = $username;
            header("Location: index.php");
            exit();
        } else {
            $error = "用户名或密码错误";
        }
    }
}
?>

<?php include 'header.php'; ?>

<div class="row justify-content-center">
    <div class="col-md-6">
        <div class="card">
            <div class="card-header">
                <h3 class="text-center">用户登录</h3>
            </div>
            <div class="card-body">
                <?php if(isset($error)): ?>
                    <div class="alert alert-danger"><?php echo $error; ?></div>
                <?php endif; ?>
                
                <form method="POST" action="">
                    <div class="mb-3">
                        <label for="username" class="form-label">用户名</label>
                        <input type="text" class="form-control" id="username" name="username" required>
                    </div>
                    <div class="mb-3">
                        <label for="password" class="form-label">密码</label>
                        <input type="password" class="form-control" id="password" name="password" required>
                    </div>
                    <div class="mb-3 row align-items-center">
                        <div class="col-7">
                            <label for="captcha" class="form-label">验证码</label>
                            <input type="text" class="form-control" id="captcha" name="captcha" maxlength="4" required autocomplete="off">
                        </div>
                        <div class="col-5 text-center">
                            <img src="?captcha=1" alt="验证码" id="captcha-img" style="cursor:pointer;vertical-align:middle;" title="点击刷新验证码" onclick="this.src='?captcha=1&'+Math.random()">
                        </div>
                    </div>
                    <div class="d-grid">
                        <button type="submit" class="btn btn-primary">登录</button>
                    </div>
                </form>
                <div class="text-center mt-3 text-muted" style="font-size:0.95rem;">
                    还没有帐号，请联系管理员添加。
                </div>
            </div>
        </div>
    </div>
</div>

<?php include 'footer.php'; ?> 